> would> >> need to encrypt communications over the loopback interface, would you? ;)> >> >No but rlogin availability without a firewall leaves the host> >open to the numerous flaws rlogin.> >> >Lets put it this way. If you had a machine up 24/7 on the net> >(and perhaps you do), would you run rshd/rlogind for your users> >for any reason?> >> >Not me.> >> > I do not on unsecured internet machines either. However, security could be> improve using the builtin linux kernel firewalling code. Make the machine> its own firewall.

I agree. And don't use insecure protocols like rsh. Use afirewall, and ssh. Old protocols should be deprecated.

--Mike A. Harris - Computer Consultant - Linux advocate

Escape from the confines of Microsoft's operating systems and push yourPC to it's limits with LINUX - a real OS. http://www.redhat.com